Class XssProtectionCheck
Health check for the recommended production setup regarding the X-XSS-Protection header.
Namespace: Umbraco.Cms.Core.HealthChecks.Checks.Security
Assembly: Umbraco.Core.dll
Syntax
public class XssProtectionCheck : BaseHttpHeaderCheck, IDiscoverableConstructors
View SourceXssProtectionCheck(IHostingEnvironment, ILocalizedTextService)
Initializes a new instance of the Xss
Declaration
public XssProtectionCheck(IHostingEnvironment hostingEnvironment, ILocalizedTextService textService)Parameters
| Type | Name | Description |
|---|---|---|
| IHosting |
hostingEnvironment | |
| ILocalized |
textService |
Remarks
The check is mostly based on the instructions in the OWASP CheatSheet (https://www.owasp.org/index.php/HTTP_Strict_Transport_Security_Cheat_Sheet) and the blog post of Troy Hunt (https://www.troyhunt.com/understanding-http-strict-transport/) If you want do to it perfectly, you have to submit it https://hstspreload.appspot.com/, but then you should include subdomains and I wouldn't suggest to do that for Umbraco-sites.
Properties
View SourceReadMoreLink
Gets a link to an external read more page.
Declaration
protected override string ReadMoreLink { get; }Property Value
| Type | Description |
|---|---|
| System. |